Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qIVYORRatNAcQnPxOiay_dL6U-w.roa
File: qIVYORRatNAcQnPxOiay_dL6U-w.roa (raw, json)
Hash identifier: ZAGIp4HsKkXvBJN5bNPlTXJgJrlhiqVHx3pNV6pcDYo=
Subject key identifier: A8:85:58:39:14:5A:B4:D0:1C:42:73:F1:3A:26:B2:FD:D2:FA:53:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5357
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qIVYORRatNAcQnPxOiay_dL6U-w.roa
Signing time: Thu 09 May 2024 16:54:27 +0000
ROA not before: Thu 09 May 2024 16:54:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21335 (0x5357)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 16:54:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A8855839145AB4D01C4273F13A26B2FDD2FA53EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:0f:5e:50:6d:3a:41:0d:6f:18:50:37:ee:
bf:59:55:b4:15:db:37:94:46:87:41:a6:64:00:32:
a4:e0:bd:68:a8:00:c3:26:d1:c4:df:e6:cf:0e:0d:
3c:79:71:41:8a:5e:21:d8:83:70:7f:ca:53:d6:9c:
45:95:a0:48:4a:ba:dd:d9:96:d7:d4:11:03:38:e0:
88:84:b2:11:d2:d4:ee:c8:7b:57:bb:f6:24:a8:eb:
f6:ed:c4:88:5b:1c:1a:a6:db:e8:86:08:69:a1:36:
28:41:b4:57:17:07:9a:f1:23:d1:2b:f8:3e:bc:c4:
7c:22:aa:58:06:6b:88:b0:aa:0c:bd:9d:0b:c5:f6:
83:14:d6:3c:86:0f:59:b8:d7:5a:20:0c:71:fc:60:
11:43:ab:b8:65:74:c7:56:14:d3:10:96:28:df:23:
88:f9:04:dd:4d:1d:22:31:18:0e:79:28:f8:17:93:
02:0c:4d:43:67:06:9a:18:83:3a:ea:57:36:53:c7:
37:8e:ec:1e:6c:23:76:60:e0:58:6f:dc:11:90:49:
5b:76:ec:79:70:89:0a:13:e2:d3:78:78:1a:03:c8:
87:0e:de:7b:ad:a7:b8:fb:55:69:e2:1b:2b:74:0c:
2e:b0:9d:fe:33:94:d9:d7:9a:c5:f8:02:06:14:9e:
82:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:85:58:39:14:5A:B4:D0:1C:42:73:F1:3A:26:B2:FD:D2:FA:53:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qIVYORRatNAcQnPxOiay_dL6U-w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
26:26:57:a8:85:db:3c:19:12:05:c7:64:40:de:ba:af:bf:9d:
6e:d7:17:e3:7c:bb:ff:eb:b1:37:20:52:36:68:cf:5e:60:3b:
0e:1f:06:2c:6e:c3:3c:06:57:da:f0:0f:16:80:d8:fc:69:bc:
09:f0:3b:8e:e9:0e:b6:8a:5b:05:e3:b6:10:8b:ee:55:1a:22:
97:f0:00:b8:be:2f:23:b1:5e:29:95:52:7e:14:44:73:9f:61:
e3:d5:81:93:3d:f7:9f:5e:5e:0a:bb:bd:39:e6:24:5b:f8:59:
b4:30:51:9b:e1:32:83:49:f1:3c:02:9b:82:9d:c4:3b:65:db:
56:08:24:f6:ea:84:ac:c0:77:1c:bf:75:20:73:0b:7c:8d:a6:
f6:f2:74:ee:b0:12:db:89:31:68:df:f2:25:fc:ed:12:52:ce:
18:c3:69:73:a4:d0:d0:53:55:7c:05:4d:87:42:19:3f:4b:31:
69:5f:17:ef:9e:19:58:5c:49:4f:b5:02:51:5e:d7:9c:0b:87:
3d:05:52:d3:51:f0:c0:6c:f2:89:99:a0:ee:f4:4c:34:a1:5f:
e4:00:5f:7e:81:3d:34:b2:27:f2:39:9d:bd:65:db:1a:a7:ea:
ef:a2:a5:8b:16:2a:b4:1a:f5:99:ae:3e:15:e1:d2:dd:03:5c:
57:e5:a6:95
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NjU0MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4ODU1ODM5MTQ1QUI0
RDAxQzQyNzNGMTNBMjZCMkZERDJGQTUzRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcEA9eUG06QQ1vGFA37r9ZVbQV2zeURodBpmQAMqTgvWioAMMm
0cTf5s8ODTx5cUGKXiHYg3B/ylPWnEWVoEhKut3ZltfUEQM44IiEshHS1O7Ie1e7
9iSo6/btxIhbHBqm2+iGCGmhNihBtFcXB5rxI9Er+D68xHwiqlgGa4iwqgy9nQvF
9oMU1jyGD1m411ogDHH8YBFDq7hldMdWFNMQlijfI4j5BN1NHSIxGA55KPgXkwIM
TUNnBpoYgzrqVzZTxzeO7B5sI3Zg4Fhv3BGQSVt27HlwiQoT4tN4eBoDyIcO3nut
p7j7VWniGyt0DC6wnf4zlNnXmsX4AgYUnoJ7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqIVYORRatNAcQnPxOiay/dL6U+wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FJVllPUlJhdE5BY1Fu
UHhPaWF5X2RMNlUtdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACYmV6iF2zwZEgXHZEDeuq+/nW7XF+N8
u//rsTcgUjZoz15gOw4fBixuwzwGV9rwDxaA2PxpvAnwO47pDraKWwXjthCL7lUa
IpfwALi+LyOxXimVUn4URHOfYePVgZM9959eXgq7vTnmJFv4WbQwUZvhMoNJ8TwC
m4KdxDtl21YIJPbqhKzAdxy/dSBzC3yNpvbydO6wEtuJMWjf8iX87RJSzhjDaXOk
0NBTVXwFTYdCGT9LMWlfF++eGVhcSU+1AlFe15wLhz0FUtNR8MBs8omZoO70TDSh
X+QAX36BPTSyJ/I5nb1l2xqn6u+ipYsWKrQa9ZmuPhXh0t0DXFflppU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:00 2025 by rpki-client